Wrong server used in SSL request

Jannik Zschiesche hello at apfelbox.net
Wed Jul 10 08:42:44 UTC 2013


Am Mittwoch, 10. Juli 2013 um 09:54 schrieb Jonathan Matthews:
> This is due to you having only one IP listening for ssl traffic. It's a fundamental limitation of ssl when not used with SNI.
> To fix it, you'll need to either use more IPs and listen explicitly on different ones for different virtual hosts, or use SNI, or use a wildcard (or UCC/SaN) certificate. The first fix is by far the most common for people in your situation. 
> HTH,
> Jonathan

Hi,

thank you both.


Actually, I have SNI enabled.

https://example.com
and 
https://shop.example.com 

both work correctly (so SNI works).

The issue is with the nonexistent SSL server for example2.com.
It seems, that if a SSL server for a domain is not configured, another server is used (instead of error-ing out). Is this correct?


-- 
Cheers
Jannik Zschiesche

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130710/ab781384/attachment.html>


More information about the nginx mailing list